General

  • Target

    0f864e321dc7b94307069928c160b4e9cc0d3b5284e3a5f87e69aaa918ef9d1c.bin

  • Size

    749KB

  • Sample

    250212-1x6j4szjdx

  • MD5

    61abc8011036dea5a183161853e9bb64

  • SHA1

    d333c417999fcc00411c6fbe615437597067fe72

  • SHA256

    0f864e321dc7b94307069928c160b4e9cc0d3b5284e3a5f87e69aaa918ef9d1c

  • SHA512

    f0c9329640a130a7b480d5dc3c02da8031b90e5c31c2996ac7dbfcccbf042a00e927458edda9b46aaaec6043d16d4a41b1e1876ba51d7fcc428886101218da6b

  • SSDEEP

    12288:j7Zka1a8Lde/3ADOizU5WmpYshXZPbGwidNpg57:j7qa1a6e/mOizU5WmD9idNpO

Malware Config (Extracted)

  • Family

    spynote

  • C2

    95.181.70.232:7777

Targets

    • Target

      0f864e321dc7b94307069928c160b4e9cc0d3b5284e3a5f87e69aaa918ef9d1c.bin

    • Size

      749KB

    • MD5

      61abc8011036dea5a183161853e9bb64

    • SHA1

      d333c417999fcc00411c6fbe615437597067fe72

    • SHA256

      0f864e321dc7b94307069928c160b4e9cc0d3b5284e3a5f87e69aaa918ef9d1c

    • SHA512

      f0c9329640a130a7b480d5dc3c02da8031b90e5c31c2996ac7dbfcccbf042a00e927458edda9b46aaaec6043d16d4a41b1e1876ba51d7fcc428886101218da6b

    • SSDEEP

      12288:j7Zka1a8Lde/3ADOizU5WmpYshXZPbGwidNpg57:j7qa1a6e/mOizU5WmD9idNpO

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15